Vormetric Extends CoreGuard Stored-Data Security System to Protect Host and Application Integrity

New features lock down server and application integrity by stopping all instances of unauthorized code

Santa Clara, Calif., February 17, 2004 - Vormetric Inc., the leading provider of security solutions for protecting stored data, today announced CoreGuard 3.0, an integrated approach to protecting servers, applications and data at rest. CoreGuard 3.0, which will be demonstrated at the 2004 RSA show in San Francisco, offers important new features, including advanced host integrity protection that prevents the execution of any unauthorized code, including Trojans, 'zero-day' worms and unapproved patches, before the code presents a threat to valuable stored data.

Recent malicious code attacks such as MyDoom, and the recent disclosure by Microsoft of a significant vulnerability (ASN.1 library) that can result in an attacker gaining control over servers, are heightening public awareness of the threats to hosts, applications and stored data inside the data center perimeter.

"Identifying and patching vulnerabilities prior to attack, and the need to know what the attack looks like before protection can be implemented to block it, are fundamentally reactive in nature," said Stuart McClure, president and CTO of Foundstone and co-author of "Hacking Exposed." "Patches to vulnerabilities can take six months to test and deploy in mission-critical installations, and new vulnerabilities are being discovered every week. Data centers are in a constant, costly race with attackers.

"Vormetric's approach to host and application integrity changes this paradigm because it provides a means of recognizing software known to be good, and prevents all other processes from running. Worms and other malicious code, whether known or unknown, are blocked by default. Vormetric's approach is, therefore, proactive and preventative."

Even without malicious code and vulnerabilities, however, data resident in the enterprise core is still vulnerable. For example, DBAs, system administrators, storage managers-and hackers-who have unintended super-user privileges can easily obtain unfettered access to nonpublic personal information, intellectual property and classified data.

"As intranets, extranets and corporate Internet access evolve, security will become an even bigger issue than it is today. Access by more users who use more devices from more locations will become the norm," said Roberta Witty, research director at Gartner. "Most enterprises have deployed what they perceive to be an adequate level of security, typically focusing on perimeter security activities, such as firewalls, intrusion detection and prevention, spam filtering and other functions. Now, you must focus on security issues that provide 'fine-grain' security regarding who has access to what resources."

By enabling strong data security across widespread, heterogeneous environments, CoreGuard 3.0 simplifies the enforcement of enterprise data security. The transparency and extensibility of CoreGuard's architecture allow data to be protected regardless of where or in what form it is stored. In addition, CoreGuard does not require modification to applications, database structures or storage infrastructures. For enterprises that face the challenge of protecting data in a heterogeneous and changing environment, CoreGuard 3.0 allows central management of security policies across multiple forms of data, multiple storage architectures and multiple operating systems.

The CoreGuard System uses an innovative technology that combines fine-grain access control with high-speed encryption to protect sensitive stored data. CoreGuard shields stored data by granting access and viewing privileges only to intended users who are using the intended application and are performing intended operations during intended time windows. CoreGuard ensures that pre-set user and application access rules are enforced anytime data is being accessed. Furthermore, by selectively encrypting file content using industry-standard AES or 3DES algorithms, while still keeping file system metadata readable, Vormetric's MetaClear encryption is able to secure data and prevent viewability, including by system administrators with root privileges. Thus, CoreGuard secures data while remaining transparent to data management processes, such as backup. Block encryption methods, by contrast, can mask file system metadata and inhibit storage management operations.

CoreGuard 3.0 also introduces the CoreGuard Host Crypto Processor, a PCI subsystem that provides system architects with additional flexibility in determining the location of encryption processing. With CoreGuard 3.0, encryption can now be performed in the host, either on the host CPU or on the Host Crypto Processor, or offloaded to the CoreGuard Security Server appliance.

"Enterprise data has become a critical business asset that must be protected," said Bill Schroeder, president and CEO of Vormetric. "With both internal and external threats becoming increasingly prevalent, Vormetric is committed to providing security that addresses the major threats to enterprise data. With CoreGuard 3.0, companies can rest easy knowing that their digital assets are well protected."

New Features in CoreGuard 3.0:

  • Host Integrity Protection: Prevents tampering with OS and application binaries, configuration files and resource libraries, keeping unauthorized processes and malicious code from damaging the integrity of the protected servers or workstations.

  • Application Integrity Assurance: Prevents unauthorized processes and malicious code from being loaded into memory space, allowing only authorized applications to run. Can be integrated into enterprise patch management systems to block or alert relative to unauthorized patches.

  • New Management Interface: Easy-to-use GUI with simplified security policy creation.

  • Application Integrity Manager: Simplifies the creation of protection policies by incorporating the NIST-published database of known good applications. The Application Integrity Manager also allows the administrator to create new cryptographic fingerprints for applications not included in the reference database, creating a solid record of approved applications and eliminating vulnerability to unauthorized or malicious code such as worms and Trojans.

  • Host Crypto Processor: An optional PCI subsystem that eliminates any additional loading of the CPU when encryption processing is performed in the host. Driver support includes Linux, Windows and Solaris.

  • Management Console PKI Support: Allows customers to import X509 digital certificates for enhanced log-in procedures.

  • FIPS: Complies with Federal Information Processing Standards (FIPS) 140-2 Level 2. This allows CoreGuard to meet the strict federal approval requirements for cryptographic products while NIST certification of CoreGuard is in process.

  • Windows 2003: Beta release of Windows 2003 support is now available, extending CoreGuard functionality to Windows 2003 server platforms.

Pricing and Availability

Vormetric's CoreGuard 3.0 will be generally available on February 23rd. CoreGuard 3.0 currently runs on Windows, Solaris and Linux with beta support available for Windows 2003. CoreGuard 3.0 is priced at $39,500 for the Security Server appliance, $4950 for the Host Crypto Processor and $2950 per protected server. To learn more about CoreGuard 3.0, please visit www.vormetric.com.

About Vormetric

Vormetric Inc. is the leading provider of enterprise security solutions that protect sensitive data at rest from unauthorized access and viewing. The company's CoreGuard Data Security System complements traditional perimeter security methods by securing valuable digital assets and enforcing enterprise security policies designed to comply with data protection regulations and legislation. By protecting sensitive data, companies and government agencies can improve organizational effectiveness and reduce operating costs by safely implementing such initiatives as Web services, pooled storage and IT outsourcing while concurrently reducing the risks of data theft. The CoreGuard System is a comprehensive solution comprised of stored data encryption, fine-grain data access control, and host and application integrity protection. The company is funded by Sigma Partners, Vanguard Ventures and QTV Capital and is headquartered in Santa Clara, California. http://www.vormetric.com